SenSage Achieves In Process Status For Stringent FIPS 140-2 Government Standard

REDWOOD SHORES, CA – May 31, 2011 – SenSage, Inc., a leading provider of Security Information and Event Management (SIEM) systems, today announced that the SenSage CryptoCore Module has been placed on the Modules In Process List for the Federal Information Processing Standards Publications (FIPS) 140-2 Validation: Security Requirements for Cryptographic Modules. Since FIPS 140-2 validation is a requirement for any cryptographic product that will be used in a U.S. government agency network, this achievement provides strong validation for SenSage SIEM, log management and event data warehouse applications.

To expedite the FIPS 140-2 validation process, SenSage partnered with Corsec Security, Inc., a consulting firm with over 13 years experience in testing products for FIPS certification. “With the increased complexity of insider threats and advanced persistent threats, government agencies are looking beyond traditional SIEM technologies to address their sophisticated requirements for collecting, retaining, and analyzing sensitive data,” said Matthew Appler, CEO of Corsec Security. “SenSage directly addresses these needs, and this FIPS 140-2 validation is evidence of that.”

SenSage’s technology is also currently being evaluated under the National Information Assurance Partnership (NIAP) Common Criteria Evaluation and Validation Scheme for IT Security (CCEVS), with expected completion in the coming months.

“SenSage open security intelligence solutions address government compliance requirements and enable proactive information assurance missions,” said Joe Gottlieb, president and CEO of SenSage. “We are extremely proud of our role teaming with the Federal Government to facilitate compliance reporting and auditing while helping to protect our nation’s digital information, applications and infrastructure.”

“Government agencies need to filter vast amounts of security information and then drill down, across, through and around security exceptions to better understand security effectiveness and to prioritize security improvements,” explained Kirk Hanson, Senior Vice President of IT Solutions, Alvarez & Associates. “We are pleased to partner with SenSage to deliver what our customers need, and certainly, the FIPS 140-2 validation of the SenSage Private Encryption File System will provide users with a high degree of security, assurance, and dependability.”

The FIPS 140-2 standard, which is mandated by law in the U.S., is a joint effort by the National Institute of Standards and Technology (NIST) in the United States, and the Communications Security Establishment (CSEC), under the Canadian government. The FIPS standard is also currently being reviewed by ISO to become an international standard. The Cryptographic Module Validation Program (CMVP), headed by NIST, provides module and algorithm testing for FIPS 140-2, which applies to Federal agencies using validated cryptographic modules to protect sensitive government data in computer and telecommunication systems. FIPS 140-2 provides stringent third-party assurance of security claims on any product containing cryptography that may be purchased by a government agency. The In Process listing can be viewed at http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140InProcess.pdf.

About SenSage SenSage', Inc. helps organizations collect, store, analyze and interpret complex information to identify new threats, improve cyber-security defenses, and achieve industry and regulatory compliance.

Combining powerful data warehousing, scalable clustered multiprocessing and sophisticated analytics, SenSage serves our customers’ most advanced Security Information and Event Management (SIEM), log management, Call Detail Record (CDR) retention and retrieval and Continuous Controls Monitoring (CCM) use cases. SenSage systems are open to all event data types, scale to petabytes, minimize storage costs and perform sophisticated data analysis.

Hundreds of customers worldwide leverage patented Security Intelligence solutions from SenSage to identify, understand and counteract cyber-threats, fraud and compliance violations. SenSage partners include Cerner, Cisco, EMC, McAfee and SAP. For more information, visit www.Sensage.com, follow us on Twitter: @Sensage, and watch for us on www.youtube.com/Sensagetv.

About Corsec Security, Inc.

Corsec Security, Inc. specializes in helping companies navigate through the complex process of receiving FIPS 140-2 and Common Criteria (CC) certifications. Corsec’s consulting, document creation, and project management services deliver unmatched expertise in achieving government validation efforts at a firm, fixed price. Corsec partners with companies around the world to achieve local and international certification and to add security functionality to a wide range of products. Corsec minimizes the time, effort and money a vendor needs to invest in validation while ultimately maximizing the return on that investment. For further information, please visit www.corsec.com.

About Alvarez & Associates, LLC

Founded in 2004, Alvarez & Associates, LLC, (A&A) is a Washington DC based Information Technology company. In 2007, A&A was awarded the NASA SEWP lV Contract as one of only 6 Service Disabled Veteran Owned Small Businesses (SDVO/SB) prime contractors out of 38 prime contractors. The NASA SEWP (Solutions for Enterprise-Wide Procurement) GWAC (Government-Wide Acquisition Contract) allows Alvarez to provide the latest in Information Technology products to any Federal Government Agency, while helping that agency achieve its SDVO set-aside credit goals. For more information, please visit www.alvarezassociates.com.